From 2d17ae7d91ea5272e3d991c980446206bbcae81a Mon Sep 17 00:00:00 2001
From: nsimons
Date: Thu, 15 Dec 2022 18:19:43 +0200
Subject: [PATCH] Use filename as key in the hashes map (#28)
---
 internal/manifest/manifest.go | 8 ++++----
 internal/manifest/manifest_test.go | 2 ++
 internal/manifest/testdata/certs-state-1.yaml | 5 +++++
 internal/manifest/testdata/certs-state-2.yaml | 5 +++++
 4 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/internal/manifest/manifest.go b/internal/manifest/manifest.go
index 9be0464..7f3bc61 100644
--- a/internal/manifest/manifest.go
+++ b/internal/manifest/manifest.go
@@ -38,7 +38,7 @@ type Manifest struct {
 // certs is a map from subject name to CertificateManifest.
 certs map[string]*CertificateManifest
- // hashes is a map from subject name to hash of CertificateManifest struct.
+ // hashes is a map from file name (typically subject name) to hash of CertificateManifest struct.
 // It is stored and read from certyaml's .state file between consequent executions of certyaml.
 hashes map[string]string
@@ -107,7 +107,7 @@ func GenerateCertificates(output io.Writer, manifestFile, stateFile, destDir str
 }
 // Compare hash from state file to hash of the loaded certificate.
- hash, ok := m.hashes[c.Subject]
+ hash, ok := m.hashes[c.Filename]
 if ok && c.GeneratedCert != nil && hash == c.hash() {
 fmt.Fprintf(output, "No changes: skipping %s\n", c.Filename)
 continue // Continue to next certificate in manifest.
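Review bot: State files written by earlier versions are keyed by subject, so `hash, ok := m.hashes[c.Filename]` will miss on the first run after an upgrade wherever the file name differs from the subject string (the test data suggests it does: subject `cn=shortlived` yields `shortlived.pem`). With `ok` false and a certificate already on disk, the "adopt" branch in the next hunk records the new hash and skips the entry without any comparison, so a manifest edit that lands together with the upgrade (a shorter `expires`, for instance) would apparently not be applied, and the old subject-keyed entries stay in the state file. A one-time fallback right after the lookup, `if !ok { hash, ok = m.hashes[c.Subject] }`, would keep the comparison for existing state; at minimum the behaviour deserves a comment here and a release note. The loop body starts above the hunk, so how `c.Filename` is defaulted is inferred, not visible.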
@@ -117,12 +117,12 @@ func GenerateCertificates(output io.Writer, manifestFile, stateFile, destDir str
 // "adopt" the existing certificate like we would have generated it.
 if !ok && c.GeneratedCert != nil {
 fmt.Fprintf(output, "Recognized existing certificate: skipping %s\n", c.Filename)
- m.hashes[c.Subject] = c.hash()
+ m.hashes[c.Filename] = c.hash()
 continue // Continue to next certificate in manifest.
 }
 // Store hash of the current state of the certificate.
- m.hashes[c.Subject] = c.hash()
+ m.hashes[c.Filename] = c.hash()
 // Write the certificate and key to data dir.
 certFile := path.Join(m.dataDir, c.Filename+".pem")
diff --git a/internal/manifest/manifest_test.go b/internal/manifest/manifest_test.go
index c842566..1126702 100644
--- a/internal/manifest/manifest_test.go
+++ b/internal/manifest/manifest_test.go
@@ -61,6 +61,8 @@ func TestManifestHandling(t *testing.T) {
 "server-root-ca.pem",
 "shortlived-key.pem",
 "shortlived.pem",
+ "shortlived2m-key.pem",
+ "shortlived2m.pem",
 "state.yaml",
 }
diff --git a/internal/manifest/testdata/certs-state-1.yaml b/internal/manifest/testdata/certs-state-1.yaml
index f179ea1..63ec2f5 100644
--- a/internal/manifest/testdata/certs-state-1.yaml
+++ b/internal/manifest/testdata/certs-state-1.yaml
@@ -25,6 +25,11 @@ subject: cn=shortlived
 issuer: cn=intermediate-ca
 expires: 1m
 ---
+subject: cn=shortlived
+issuer: cn=intermediate-ca
+expires: 2m
+filename: shortlived2m
+---
 subject: cn=client-root-ca
 ---
 subject: CN=John Doe,OU=People,O=Company
diff --git a/internal/manifest/testdata/certs-state-2.yaml b/internal/manifest/testdata/certs-state-2.yaml
index 6ca0838..6d8b581 100644
--- a/internal/manifest/testdata/certs-state-2.yaml
+++ b/internal/manifest/testdata/certs-state-2.yaml
@@ -25,6 +25,11 @@ subject: cn=shortlived
 issuer: cn=intermediate-ca
 expires: 1m
 ---
+subject: cn=shortlived
+issuer: cn=intermediate-ca
+expires: 2m
+filename: shortlived2m
+---
 subject: cn=client-root-ca
 ---
 subject: CN=John Doe,OU=People,O=Company
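Review bot: Nothing in the `@@ -117,12 +117,12 @@` hunk guards against two manifest entries resolving to the same file name, which now means they share one slot in `m.hashes[c.Filename]` as well as the same path from `path.Join(m.dataDir, c.Filename+".pem")`. In that case each run would likely regenerate both entries and leave whichever came last on disk, silently replacing the other's certificate and key; the new test data avoids this only because the second `cn=shortlived` entry sets `filename: shortlived2m` by hand. If manifest loading does not already reject duplicates (not visible here), a check before generation returning something like `fmt.Errorf("duplicate filename %q in manifest", c.Filename)` would turn that into a clear failure. The function body starts and ends outside the hunk.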